CVS commit: pkgsrc/misc/dpkg

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/misc/dpkg
From: "Adam Ciarcinski" <adam%netbsd.org@localhost>
Date: Thu, 7 Dec 2017 12:35:41 +0000

Module Name:    pkgsrc
Committed By:   adam
Date:           Thu Dec  7 12:35:41 UTC 2017

Modified Files:
        pkgsrc/misc/dpkg: Makefile PLIST distinfo

Log Message:
dpkg: updated to 1.18.24

dpkg 1.18.24:
* Add missing symbols to the libdpkg map file.
* Fix dpkg-shlibdeps to preserve the Dpkg::Shlibs::find_library() order
  when scanning symbols/shlibs files. This was causing generation of bogus
  dependencies when multiple packages provide the same SONAME on different
  directories. Regression introduced in dpkg 1.18.17.
* Make dpkg-maintscript-helper print all unowned files from a directory
  when printing the error message, to ease debugging those problems after
  the fact.
  Based on a patch by Bastien ROUCARI?<88>S <roucaries.bastien%gmail.com@localhost>.
* Add duplicate prevention code for debian/files to dpkg-genbuildinfo, so
  that successive runs with different versions and equivalent build types
  do not generate multiple .buildinfo entries to be uploaded, which is
  similar to what dpkg-gencontrol is doing for .deb files.
* Fix conffile takeover handling during unpack in dpkg on --root or
  on diversions.
* Fix digest inference for shared conffiles, causing bogus takeover
  unpack errors. Regression introduced in dpkg 1.16.9.
* Improve tar entry metadata parsing in dpkg:
  - Do not parse device numbers for non block nor char tar entry objects.
  - Make the existing octal parser more robust, by checking for the
    expected format of leading zeros or spaces, followed by any ASCII
    octal characters (0-7), followed by zero or more space or NULs.
  - Add support for base-256 encoded numeric fields, to support large
    values, for UID/GID, device number, size and even signed timestamps.
    This is necessary not only to be able to store larger values, but to
    cover packages that can already be generated by dpkg-deb, given that
    it uses the system GNU tar when building.
* Architecture support:
  - Add support for ARM64 ILP32.
* Perl modules:
  - Remove obsolete hardening-wrapper support from Dpkg::Vendor::Ubuntu.
  - Bump $Dpkg::Deps::VERSION to match the one documented in CHANGES.
  - Ignore by default debian/files.new and debian/files for all source
    formats in Dpkg::Source::Package, because these are generated files
    with well known pathnames, part of the public interface, and with
    dpkg-genbuildinfo always injecting .buildinfo entries into
    debian/files, this meant this could disrupt previous workflows based
    on not cleaning the source tree.
* Documentation:
  - Many spelling fixes.
  - Do not include mispellings in changelogs, as that makes detecting them
    more difficult.
* Build system:
  - Use libexec variable for auxiliary internal programs, and set it to
    /usr/lib on Debian and derivatives.
  - Check that the detected tar is a GNU tar.
  - Check that the detected patch is a GNU patch, so that we get a directory
    traversal resistant patch implementation. This fixes CVE-2017-8283 by
    delegating those checks to patch(1), so that we trap blank-indented
    diff hunks trying to escape from the source tree.
* Test suite:
  - Add a test case for blank-indented patches which were the cause for
    CVE-2017-8283.
  - Handle files with non-zero sizes in c-tarextract libdpkg test code.


To generate a diff of this commit:
cvs rdiff -u -r1.43 -r1.44 pkgsrc/misc/dpkg/Makefile
cvs rdiff -u -r1.11 -r1.12 pkgsrc/misc/dpkg/PLIST
cvs rdiff -u -r1.12 -r1.13 pkgsrc/misc/dpkg/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/misc/dpkg/Makefile
diff -u pkgsrc/misc/dpkg/Makefile:1.43 pkgsrc/misc/dpkg/Makefile:1.44
--- pkgsrc/misc/dpkg/Makefile:1.43      Tue Aug  1 14:59:02 2017
+++ pkgsrc/misc/dpkg/Makefile   Thu Dec  7 12:35:41 2017
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.43 2017/08/01 14:59:02 wiz Exp $
+# $NetBSD: Makefile,v 1.44 2017/12/07 12:35:41 adam Exp $
 
-DISTNAME=      dpkg_1.18.23
+DISTNAME=      dpkg_1.18.24
 PKGNAME=       ${DISTNAME:S/_/-/}
-PKGREVISION=   1
 CATEGORIES=    misc
 MASTER_SITES=  ${MASTER_SITE_DEBIAN:=pool/main/d/dpkg/}
 EXTRACT_SUFX=  .tar.xz
@@ -12,6 +11,7 @@ HOMEPAGE=     https://wiki.debian.org/Teams/
 COMMENT=       Package maintenance system for Debian
 LICENSE=       gnu-gpl-v2
 
+DEPENDS+=              patch-[0-9]*:../../devel/patch
 BUILD_DEPENDS+=                po4a-[0-9]*:../../textproc/po4a
 # TEST_DEPENDS
 BUILD_DEPENDS+=                p5-IO-String-[0-9]*:../../devel/p5-IO-String
@@ -20,20 +20,19 @@ WRKSRC=             ${WRKDIR}/${PKGNAME_NOREV}
 BUILD_DEFS+=   VARBASE
 
 USE_PKGLOCALEDIR=      yes
-GNU_CONFIGURE=         yes
 USE_LANGUAGES=         c c++
 USE_TOOLS+=            gmake msgfmt perl:run gtar:run pod2man
+GNU_CONFIGURE=         yes
+CONFIGURE_ARGS+=       --with-admindir=${VARBASE}/db/dpkg
+CONFIGURE_ARGS+=       --sysconfdir=${PREFIX}/share/dpkg
+CONFIGURE_ARGS.Darwin+=        --enable-linker-optimizations=no
+CONFIGURE_ENV+=                PATCH=${PREFIX}/bin/gpatch
+CONFIGURE_ENV+=                TAR=${TOOLS_PLATFORM.gtar:Q}
 TEST_TARGET=           check
 INCOMPAT_CURSES+=      NetBSD-[0-5].*-*
 
 REPLACE_PERL=          scripts/*.pl
 
-CONFIGURE_ARGS+=       --with-admindir=${VARBASE}/db/dpkg
-CONFIGURE_ARGS+=       --sysconfdir=${PREFIX}/share/dpkg
-CONFIGURE_ARGS+=       TAR=${TOOLS_PLATFORM.gtar}
-
-CONFIGURE_ARGS.Darwin+=        --enable-linker-optimizations=no
-
 .include "../../archivers/bzip2/buildlink3.mk"
 .include "../../archivers/xz/buildlink3.mk"
 .include "../../converters/libiconv/buildlink3.mk"

Index: pkgsrc/misc/dpkg/PLIST
diff -u pkgsrc/misc/dpkg/PLIST:1.11 pkgsrc/misc/dpkg/PLIST:1.12
--- pkgsrc/misc/dpkg/PLIST:1.11 Thu Mar  9 11:52:26 2017
+++ pkgsrc/misc/dpkg/PLIST      Thu Dec  7 12:35:41 2017
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.11 2017/03/09 11:52:26 wiz Exp $
+@comment $NetBSD: PLIST,v 1.12 2017/12/07 12:35:41 adam Exp $
 bin/dpkg
 bin/dpkg-architecture
 bin/dpkg-buildflags
@@ -68,31 +68,6 @@ include/dpkg/trigdeferred.h
 include/dpkg/triglib.h
 include/dpkg/varbuf.h
 include/dpkg/version.h
-lib/dpkg/methods/disk/desc.cdrom
-lib/dpkg/methods/disk/desc.harddisk
-lib/dpkg/methods/disk/desc.mounted
-lib/dpkg/methods/disk/desc.nfs
-lib/dpkg/methods/disk/install
-lib/dpkg/methods/disk/names
-lib/dpkg/methods/disk/setup
-lib/dpkg/methods/disk/update
-lib/dpkg/methods/floppy/desc.floppy
-lib/dpkg/methods/floppy/install
-lib/dpkg/methods/floppy/names
-lib/dpkg/methods/floppy/setup
-lib/dpkg/methods/floppy/update
-lib/dpkg/methods/ftp/desc.ftp
-lib/dpkg/methods/ftp/install
-lib/dpkg/methods/ftp/names
-lib/dpkg/methods/ftp/setup
-lib/dpkg/methods/ftp/update
-lib/dpkg/methods/multicd/desc.multi_cd
-lib/dpkg/methods/multicd/desc.multi_mount
-lib/dpkg/methods/multicd/desc.multi_nfs
-lib/dpkg/methods/multicd/install
-lib/dpkg/methods/multicd/names
-lib/dpkg/methods/multicd/setup
-lib/dpkg/methods/multicd/update
 lib/libdpkg.la
 ${PERL5_SUB_INSTALLVENDORLIB}/Dpkg.pm
 ${PERL5_SUB_INSTALLVENDORLIB}/Dpkg/Arch.pm
@@ -161,6 +136,31 @@ ${PERL5_SUB_INSTALLVENDORLIB}/Dpkg/Vendo
 ${PERL5_SUB_INSTALLVENDORLIB}/Dpkg/Version.pm
 ${PERL5_SUB_INSTALLVENDORLIB}/Dselect/Ftp.pm
 lib/pkgconfig/libdpkg.pc
+libexec/dpkg/methods/disk/desc.cdrom
+libexec/dpkg/methods/disk/desc.harddisk
+libexec/dpkg/methods/disk/desc.mounted
+libexec/dpkg/methods/disk/desc.nfs
+libexec/dpkg/methods/disk/install
+libexec/dpkg/methods/disk/names
+libexec/dpkg/methods/disk/setup
+libexec/dpkg/methods/disk/update
+libexec/dpkg/methods/floppy/desc.floppy
+libexec/dpkg/methods/floppy/install
+libexec/dpkg/methods/floppy/names
+libexec/dpkg/methods/floppy/setup
+libexec/dpkg/methods/floppy/update
+libexec/dpkg/methods/ftp/desc.ftp
+libexec/dpkg/methods/ftp/install
+libexec/dpkg/methods/ftp/names
+libexec/dpkg/methods/ftp/setup
+libexec/dpkg/methods/ftp/update
+libexec/dpkg/methods/multicd/desc.multi_cd
+libexec/dpkg/methods/multicd/desc.multi_mount
+libexec/dpkg/methods/multicd/desc.multi_nfs
+libexec/dpkg/methods/multicd/install
+libexec/dpkg/methods/multicd/names
+libexec/dpkg/methods/multicd/setup
+libexec/dpkg/methods/multicd/update
 man/de/man1/dpkg-architecture.1
 man/de/man1/dpkg-buildflags.1
 man/de/man1/dpkg-buildpackage.1

Index: pkgsrc/misc/dpkg/distinfo
diff -u pkgsrc/misc/dpkg/distinfo:1.12 pkgsrc/misc/dpkg/distinfo:1.13
--- pkgsrc/misc/dpkg/distinfo:1.12      Mon Mar  6 22:47:04 2017
+++ pkgsrc/misc/dpkg/distinfo   Thu Dec  7 12:35:41 2017
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.12 2017/03/06 22:47:04 wiz Exp $
+$NetBSD: distinfo,v 1.13 2017/12/07 12:35:41 adam Exp $
 
-SHA1 (dpkg_1.18.23.tar.xz) = a090c0003d27bd467b9d4e683f2fa634f88d9486
-RMD160 (dpkg_1.18.23.tar.xz) = 84ee173c6efa0437f9faccefea59f82edaea821e
-SHA512 (dpkg_1.18.23.tar.xz) = 4f9bed1fb0558fa6b003601b7be8d67eb592140b7f9ac4cf0bccb394e14b42a822cdc692c8c6e27ad2929719fe78659f21c128cb17618733d344fd3489f42be7
-Size (dpkg_1.18.23.tar.xz) = 4516252 bytes
+SHA1 (dpkg_1.18.24.tar.xz) = 155fe5c91728bdf82756674d5aa85e4ff2e3eac6
+RMD160 (dpkg_1.18.24.tar.xz) = 0fe5e443ed2f25ecc401c16855f2e920152b963e
+SHA512 (dpkg_1.18.24.tar.xz) = 74df36a49a1b6b2243db14bd7ee0b69e50c2f0e79fc87e86e9b3cba2261fb717e421f7190a3ba54b4680a2f83855e5857dcb2625aa56847133258567392f1d42
+Size (dpkg_1.18.24.tar.xz) = 4530444 bytes

Prev by Date: CVS commit: pkgsrc/lang/rust
Next by Date: CVS commit: pkgsrc/sysutils/py-crontab
Previous by Thread: CVS commit: pkgsrc/lang/rust
Next by Thread: CVS commit: pkgsrc/sysutils/py-crontab
Indexes:

Home | Main Index | Thread Index | Old Index